Exim4 not sending authentication to a remote smarthost SMTP

Update 2014-08-15: This article also solves the symptom 503 sender is null. Seen with net.cn mail service.

I stumbled on this problem while re-configuring an Exim4 SMTP relay on Debian to work with a new service provider chosen by the customer (net263.com).

I was told to use port 25 with net263.com because they would NOT support any kind of SSL/TLS security on their SMTP server. It turned out that there was SMTPS running on port 465, making this article less relevant to net263.com but I thought I’d still share this information as it was not easy to find! Trust Nmap more than your workmates!

What I learn is that the server is not in the hosts_require_auth to force authentication and that my credentials are correctly found. After a little Googling, I tried to add my host to the . I modified /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost to add the SMTP server to hosts_require_auth such as:

Hope

If you need to enable AUTH PLAIN or AUTH LOGIN for unencrypted connections because your service provider does support neither TLS encryption nor the CRAM MD5 authentication method, you can do so by setting the AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS macro. Please refer to Section 2.1.3, “Using Exim Macros to control the configuration” for an explanation of how best to do this.

Light

That's more or less what's going on here.

After some more Googling, I finally found the fix to my problem:

Edit the file /etc/exim4/exim4.conf.localmacros (create it if it's not there)

set the content of /etc/exim4/exim4.conf.localmacros such as:

AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS = true

Then regenerate/reload the configuration either with:

dpkg-reconfigure exim4-config

Or

update-exim4.conf
/etc/init.d/exim4 restart

Conclusion

Exim is actually protecting us against sending our emails out there in the clear (as nobody should ever do in the 21st century). I just wanted to make this article as it took me several hours to figure out that this protection was there and how to disable it.